[tor-commits] [tor-browser-spec/master] Add cryptocurrency-user-safety proposal to ideas

gk at torproject.org gk at torproject.org
Mon Apr 8 08:00:35 UTC 2019


commit 61bf94fd1413d00a76b4d16eeeedfca8314f265e
Author: Georg Koppen <gk at torproject.org>
Date:   Mon Apr 8 07:51:32 2019 +0000

    Add cryptocurrency-user-safety proposal to ideas
---
 proposals/ideas/xxx-cryptocurrency-user-safety.txt | 97 ++++++++++++++++++++++
 1 file changed, 97 insertions(+)

diff --git a/proposals/ideas/xxx-cryptocurrency-user-safety.txt b/proposals/ideas/xxx-cryptocurrency-user-safety.txt
new file mode 100644
index 0000000..4ac7fb0
--- /dev/null
+++ b/proposals/ideas/xxx-cryptocurrency-user-safety.txt
@@ -0,0 +1,97 @@
+Filename: xxx-cryptocurrency-user-safety.txt
+Title: Protecting Against Malicious Exit Nodes Performing Cryptocurrency Hijacking
+Author: Tom Ritter
+Created: 06-Mar-2019
+Status: Draft
+
+1. Motivation
+
+  Sometimes, exit nodes are malicious. One activity malicious exit nodes
+  perform is rewriting the addresses of cryptocurrencies to hijack and steal
+  funds users are trying to send to the original address. Tor Project and
+  volunteers scan and report malicious exit relays where-upon they are
+  given the BadExit flag.
+
+  In the period of time between the nodes being identified and being
+  blocklisted, users are put at risk from these nodes.
+
+2. Proposal
+
+2.1. Required Infrastructure
+
+  This proposal is complementary to the 103-selfsigned-user-safety.txt proposal.
+  We assume that (only) one of the following is in place.
+
+2.1.1 selfsigned-user-safety
+
+  The selfsigned-user-safety proposal is implemented.
+
+2.1.2 Self-signed certificate error detection
+
+  As in selfsigned-user-safety, we classify TLS Certificate Errors into two
+  categories.
+
+  Class 1: Suspicious Certificate Errors
+
+   - A self-signed certificate
+   - A certificate signed by a Trust Anchor but for a different hostname
+   - A certificate that appears to be signed by a Trust Anchor, but is
+     missing an intermediate allowing a full path to be built
+
+  Class 2: Unsuspicious Certificate Errors
+
+   - An expired certificate signed by a Trust Anchor
+   - A certificate that requires an OCSP staple, but the staple is not
+     present
+
+  The browser will detect a Class 1 error and make this state available for
+  the browser to base decisions off of.
+
+2.2. Browser Logic
+
+  The browser will be able to recognize addresses of common cryptocurrencies
+  and when a user executes a copy event, will search for such an address in the
+  copied text.
+
+  If an address is detected and:
+   - the page is loaded over HTTP
+   or
+   - selfsigned-user-safety is not implemented, the page is loaded over HTTPS,
+     and the certificate has a Class 1 Suspicious Certificate Error
+
+  Then the text MUST NOT be copied to the clipboard.
+
+  Basically this prevents the address from being copied if the address could
+  have been changed by the exit node.
+
+3. False Positives
+
+  Not every cryptocurrency address served over HTTP is being attacked by a
+  malicious exit node.
+
+4. False Negatives (Attacker-Controlled)
+
+  An attacker could change the address to a QR code and prompt the user to
+  scan it with their phone. This would not be detectable if the attacker
+  rendered the QR code using background-colored <div> elements for example.
+
+  There are likely other bypasses to consider.
+
+5. User Interface/Experience
+
+  The text will not be copied. But when the user executes the copy shortcut or
+  menu item a model dialog (like alert()) could be presented explaining why the
+  copy failed.
+
+  We could also use a doorhanger or information bar - but both of these seem prone
+  to being missed or ignored; while a modal dialog will be immediate, come with a
+  sound, and
+
+6. User Bypass
+
+  The user can, of course, manually type the address.
+
+7. Implementation
+
+  In Firefox, this entire concept can likely be implemented as a WebExtension
+  using the TLS Web Extension APIs and the Clipboard APIs.





More information about the tor-commits mailing list